On Wed, 15.05.13 08:53, Chris Adams (li...@cmadams.net) wrote:

> Once upon a time, Lennart Poettering <mzerq...@0pointer.de> said:
> > >            112ms iscsi.service
> > 
> > This really sounds like something that should be socket actviated on
> > demand rather than run by default.
> 
> This is attaching to configured iSCSI devices (which at a minimum
> requires parsing configuration files to see if there are any devices
> configured), not running a listening daemon.

It should be possible to come up with some form of ConditionPathExists=
or ConditionDirectoryNotEmpty= that causes this to be skipped if no
targets are configured.

https://bugzilla.redhat.com/show_bug.cgi?id=951951

> > >             97ms sshd.service
> > 
> > Dito. THis is something to start by default only on hosts where a ton of
> > people log in all the time.
> 
> SSH host key generation needs to be done in advance (don't want a
> connecting socket to wait for that).  Maybe that could be done with a
> separate firstboot-like service that gets disabled once run?

We should really to be as stateless as possible here and not require
write access to /etc, which a solution like this would require.

Instead I'd propose to splitt the key generation into its own service
but then pull this in by the first connection and conditionalize it also
with ConditionPathExists= or so:

ConditionPathExists=!/etc/ssh/ssh_host_rsa_key

I filed this now:

https://bugzilla.redhat.com/show_bug.cgi?id=963268

Lennart

-- 
Lennart Poettering - Red Hat, Inc.
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel

Reply via email to